Abstract
A user with ordinary privileges can bypass the security mechanisms of a secure database by combining query results with other knowledge about the database and indirectly inferring unauthorized information, which causes inference disclosure of sensitive information. To address this problem, an approach to inference disclosure detection at the data level is proposed. The approach is expressed as a formal system and detects inference disclosure by logical reasoning over the database's constraint rules and the data the user has queried. Theoretical analysis and test results show that the approach can completely and effectively obtain the material implications actually contained in the user's query results, and that with these material implications the correctness rate of detection can reach 81.3%.
Source
Journal of Jilin University (Information Science Edition)
CAS
2005, Issue 3, pp. 294-298 (5 pages)
Funding
National Natural Science Foundation of China (Grant No. 69931040)
Natural Science Foundation of Jiangsu Province (Grant No. BK2004015)
Keywords
formal system
secure database
inference disclosure
material implication